单选题What is true about the operation of the Infranet Enforcer? （）A It assigns users a set of roles.B It allows access based on auth table entries.C It verifies whether an endpoint meets security requirements.D It configures the UAC agent to allow or deny a

第1题：

第2题：

Which two statements apply to dynamic access lists？（）

• A、they offer simpler management in large internetworks.
• B、you can control logging messages.
• C、they allow packets to be filtered based on upper-layer session information.
• D、you can set a time-based security policy.
• E、they provide a level of security against spoofing.
• F、they are used to authenticate individual users

第3题：

What is true about the operation of the Infranet Enforcer? （）

• A、It assigns users a set of roles.
• B、It allows access based on auth table entries.
• C、It verifies whether an endpoint meets security requirements.
• D、It configures the UAC agent to allow or deny access to resources.

第4题：

You notice that during peak hours, some firewall enforcers contain a high number of auth table entries. As you investigate the issue, you discover that all users are getting auth table mappings to all firewalls, which is not acceptable. What should you do on the Junos Pulse Access Control Service to resolve this problem?（）

• A、Delete the default auth table mapping policy
• B、Create auth table mapping policies that route users to specific resources
• C、Create Resource Access policies that permit access to specific resources
• D、Create Source Interface policies that route users to specific resources

第5题：

What is the primary purpose of creating a Location Group Policy? （）

• A、to associate more than one realm with an authentication server
• B、to logically group network access devices and associate them with specific sign-in policies
• C、to allow or prevent users from accessing resources in specific locations on the network
• D、to define the URL that users of network access devices can use to access the Infranet Controller

第6题：

You navigate to "UAC" > "Infranet Enforcer" > "Auth Table Mapping" in the admin GUI. You see one policy, which is the unmodified, original default policy.Which statement is true?（）

• A、Dynamic auth table mapping is not enabled.
• B、A successful authentication attempt will result in a new authentication table entry, which will be delivered only to the Junos enforcer protecting the network from which the user has authenticated.
• C、To create a static auth table mapping, you must delete the default policy.
• D、The default policy applies only to the factory-default role User.

第7题：

You administer a network containing SRX Series firewalls. New policy requires that you implement MAG Series devices to provide access control for end users. The policy requires that the SRX Series devices dynamically enforce security policy based on the source IP address of the user. The policy also requires that the users communicate with protected resources using encrypted traffic. Which two statements are true?（）

• A、The endpoints can use agentless access.
• B、Encrypted traffic flows between the endpoint and the enforcer.
• C、Encrypted traffic flows between the endpoint and the protected resource
• D、The endpoints can use the Odyssey Access Client.

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

第14题：

During the implement phase， systems acceptance testing provides which two of the following services for the customer（）

• A、It installs， configures， and verifies monitoring tools and processes in accordance with the operations implementation.
• B、It verifies that the Cisco Unified Communications solutions is ready for production.
• C、It verifies that the Cisco Unified Communications solution meets their business and technical requirements.
• D、It executes and verifies the migration plan by migrating network services from an existing state to a future state.
• E、It provides automated tools for measuring system performance under load.

第15题：

You deploy your companys Internet Web site. You need to deny anonymous access to the Web site, allowing only authenticated users. Which code segment should you use?（）

• A、<authorization> <allow users="?"/> </authorization>
• B、<authorization> <deny users="?"/> </authorization>
• C、<authorization> <deny users="*"/></authorization>
• D、<authorization> <allow users="*"/> </authorization>

第16题：

A user is successfully authenticating to the network but is unable to access protected resources behind a ScreenOS enforcer. You log in to the ScreenOS enforcer and issue the command get auth table infranet and you do not see the user listed.Which two event log settings on the Junos Pulse Access Control Service must you enable to troubleshootthis issue?（）

• A、Connection Requests
• B、System Errors
• C、Enforcer Events
• D、Enforcer Command Trace

第17题：

What must be updated regularly to detect the newest versions of personal firewalls on endpoints? （）

• A、Infranet Enforcer firmware
• B、Infranet Controller rollback software
• C、Host Security Assessment Plug-in (HSAP)
• D、Endpoint Security Assessment Plug-in (ESAP)

第18题：

What is the function of Host Checker?（）

• A、To allow clientless access to the network
• B、To restrict access to protected resources on the network
• C、To scan an endpointfor compliance with security policies
• D、To push a firewall policy to the endpoint's local firewall application

第19题：

You create a data block based on a relational table containing a REF column. You select the REF column for your form module. What is true about the items based on the REF column attributes?（）

• A、The Query Only property is set to Yes. 
• B、The Conceal Data property is set to Yes. 
• C、The Insert Allowed property is set to Yes. 
• D、The Update Allowed property is set to Yes.

第20题：

第21题：

第22题：

第23题：

第24题：